Linux file system Flashcards
What is the -l flag in the ls linux command?
Long listing
Shows metadata about files, including permissions
What are the components of the ls -l listing?
File type (e.g. d or -)
Permissions (rw-r–r–)
Extended attributes (.)
User owner
Group owner
What does the filetype - mean?
No special type (normal file)
How is filetype formatted in the ls -l command?
The first symbol, in front of permissions:
Filetype: -
-rw-r–r–
Filetype: d (directory)
drw-r–r–
What is XFS?
Default filesystem format in Red Hat Linux 7, 8 and 9
High-performing, journaling file system
How are file permissions formatted?
In 3 sets of permissions
rw-r–r–:
Owner: rw-
User group of the owner: r–
Others: r–
What are the representations in symbolic mode?
u: user owner
g: group owner
o: Others
r: read
w: write
x: execute
How does the system run through when a user interacts with a file?
- First check if user is the owner. If so, grant owner permissions, run no further checks.
- Next, the users group membership is validated to see if they belong to the owner group. If so, group permissions are granted. No further checks.
- “other” permissions are applied if the two previous checks fail.
What does a user’s permission expression contain?
Expression include 3 basic types of permission: r, w, x
Each character indicates if a permission is granted
symbol: granted
-: not granted
How can permissions be represented in numeric mode?
a 3-digit value represents specific file permissions, called octal values.
First digit is owner, second is group, third is other.
r: 4
w: 2
x: 1
If the owner has value 7, it means the permissions are as such:
rwx = 4+2+1 = 7
If the group has value 4, the permissions are:
r– = 4+0+0 = 4
What does the read permission allow a user?
Access file content, e.g. through using the command cat or less or an editor.
What is the cat command?
Concatenate files and print on the standard out
If we use cat on multiple files, the file contents will be concatenated and sent to stdout
cat file1 file2
result:
file1 contents
file2 contents
What permissions are required to copy a file?
read
What does the write permission allow a user?
Modify content of file
Allows the user to use the redirect or append operators in the shell (> and»_space;) to change the contents of a file
What does the execute permission allow a user?
Allows to execute the contents of a file.
Allows to run bash script, python files and interpreted languages.
The contents are typically commands or compiled binary applications.
What is the redirect operator in shell?
command > filename
Redirect the output of a command to for example a file.
File is created if it does not exist, and overwritten if it does.
What is the append operator in shell?
command»_space; filename
Used to append the stdout of a command to a file.
Can be used to e.g. append data to a log file.
File is created if it does not exist, data appended if it does.
What is the default stdin device (standard input)
Keyboard
What is the default stdout device (standard output)
Screen or particular terminal window
What is redirection of output?
When we want to put output of a command in a file (>) or issue another command on the output of one command.
What does the | (pipe) operator do?
Sends the stdout of one command as stdin of another command.
What is the difference between the > and the»_space; operator?
> replaces content of a file, whereas»_space; appends to the content of a file
How can the contents of a file be executed when we do not have the execute permissions?
Use an interpreter that has execute permissions to read a file with instructions for the interpreter to execute.
Example: Invoking a bash shell script:
bash script.sh
The executable being run is bash
script.sh is only being read by the Bash interpreter
How does read permissions work for directory files?
Allows the user to read the contents of the directory.
This means that the user can view the contents (or files) stored within the directory. Required for e.g. “ls -l” to work
How does write permissions work for directory files?
Allows a user to modify the contents of the directory, meaning adding or removing files from directory.
How does execute permissions work for directory files?
Execute provides access to the directory.
It authorizes a user to look at extended info on files (ls -l), but also allows you to change working directory (cd), or pass through this directory on the way to a subdirectory.
What permission is required for a user to be allowed to move (mv) or remove (rm) files from a directory?
Write
What permission is required for a user to be allowed to create new files (touch) or copy (cp) files into a directory?
write
What is the touch command?
Creates a file if the FILE argument does not exist
For an existing file, updates the access and modification times of the FILE argument
What happens if a user has write permissions to a directory, but not execute permissions?
Can no longer add files to a directory because the user cannot access the directory’s metadata to store the information for a new, additional file.
TODO: Try this in practice, create a directory with -w- permissions and check if a file can be accessed.
How can file and directory permissions be modified?
chmod command
What is the chmod command?
Change mode, changes permissions of a file or directory.
Numeric mode:
chmod 744 filename.txt
Symbolic mode: Enter a user class and the permissions you want to grant them
chmod ug+rwx file.txt
This gives rwx permissions for owner (u) and owner’s group (g)
chmod o+r file.txt
Gives r permissions for others
How can you define permissions for all users at once?
chmod a
What is the chown command?
Change a file’s owner and/or group
If a username or ID is given, this username is made the owner of the file, the file’s group is not changed.
chown root file.txt
If the username is followed by a colon and a groupname or ID, the file group is changed.
chown root:staff file.txt
If the username is followed by only a colon, the user owner is changed and the file’s group is changed to the group of the new owner.
If only a colon and a group is provided, only the file’s group is changed (functions the same as chgrp)
If only a colon is provided, or the operand is empty, nothing changes for the file.
What is the chgrp command?
Changes the group of a file.
chgrp staff file.txt
What are special file permissions?
Provides additional privileges over the standard rwx permissions
What is SUID?
The special permission for the user access level. A file with SUID always executes as the user who owns the file, no matter who is passing the command.
To add SUID, the x permission is replaced by s for the owner.
-rwsr-xr-x
What does +-= mean in chmod?
Add, remove and set exact permission
chmod a+r file.txt
Every user gets the r permission
chmod go-w file.txt
Write permission is removed from group and others
What is the SGID permission?
If s is set on a file, allows it to be executed as the file group of the file.
If s is set on a directory, any files created in the directory will have their group ownership set to that of the directory owner.
drwxrwsr–
Directory: s replaces x for the group permissions
-rwxrws—
File: s replaces x for the group permissions
When is an uppercase S used for SUID?
The owning group does not have execute permissions
What is the sticky-bit permission?
Does not affect individual files, but at directory level, it restricts file deletion.
Only the owner (and root) can remove the file within the directory.
drwxrwxrwt
t replaces x
How is special permissions added using chmod?
Symbolic:
chmod g+s filename (SGID)
Numeric:
SUID: 4
SGID: 2
Sticky: 1
chmod X### filename
X: special permission digit
What is the l file type?
Symbolic link
Special files that refers to another file or directory in the system.
Shortcuts that points directly to the original file.
Allows multiple access point to a single file
What is the -ld flag to “ls -ld”?
If the supplied name is a directory, show info of the directory itself, and not the content of the directory
How can you add a new group in a system?
groupadd GROUPNAME
How can you add a new user to a system?
useradd USERNAME
How does the mv command work?
mv SOURCE DEST
DEST or DIRECTORY
Renames SOURCE file to DEST
Moves SOURCE to DIRECTORY/SOURCE
Who can change the permissions of a file/directory?
The owner
What is the su command?
Run a command with a substitute user and group ID
Runs a command as another user
su - username
-: starts shell as login shell, which resets all environment variables and creates them again.
What is the difference between su and sudo commands?
Sudo: Acronym for superuser do or substitute user do
Runs an elevated prompt without need to change identity.
Let’s a user issue commands as another user, does not switch user.
Su: acronym for switch user or substitute user
Basically switching to this user, requires password of user
What command is used to stop running commands as a different user (after running su)
exit
What are root able to do?
remove any or all files
Change permissions of any or all files
Change the runlevel of the system
Alter user accounts
Mount or unmount filesystems
Remove or install software
Create, remove and alter file systems
How can you switch to root using su?
su -
-: provides root environment (path and shell variables)
Should not switch to root using su, as the terminal will become root - too much power.
When do you not need to provide a password when running su username?
When username is not root, and you are running as root when issuing su username
What does the command “find -perm 775” do?
No path is added so the command look in the current directory for files with 775 permission level
What does the command “find -perm -775” do?
The find command returns anything with permissions greater than or equal to 775.
Looks recursively, so not only in the current directory, but also sub-directories
What does -type f mean in “find -perm -755 -type f” ?
Only targets files, not directories
What does {} \; mean in “find -perm -755 -type f -exec chmod 600 {} \;”
It tells the find command that it should execute chmod individually for each file matching the find-criteria
What is the -exec option of the find command?
Allows us to run a command on the result from “find”
